Towards adaptive false alarm reduction using Cloud as a Service

Yuxin Meng; Wenjuan Li; Lam For Kwok

doi:10.1109/ChinaCom.2013.6694633

Towards adaptive false alarm reduction using Cloud as a Service

Yuxin Meng, Wenjuan Li, Lam For Kwok

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

6 Citations (Scopus)

Abstract

False alarms are a challenging issue for an intrusion detection system (IDS), which can significantly decrease the effectiveness of detection and heavily increase the burden on analyzing true alarms. With the advent of cloud computing, it is a big chance to mitigate this problem in such a promising environment. In our previous work, we proposed to construct an intelligent false alarm filter by selecting an appropriate algorithm in an adaptive way, whereas the additional workload may be an issue for implementation. In this paper, we begin by presenting a Generic Cloud-based Intrusion Detection Architecture (GCIDA) and we then propose a cloud-based solution to improve the false alarm reduction and reduce the workload using Cloud as a Service (CaaS). In addition, we also describe the procedures and the interactions between the Cloud nodes and the Cloud providers. Experimental results indicate that CaaS can provide sufficient computing power and greatly reduce the workload of adaptive false alarm reduction.

Original language	English
Title of host publication	2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings
Pages	420-425
Number of pages	6
DOIs	https://doi.org/10.1109/ChinaCom.2013.6694633
Publication status	Published - 2013
Externally published	Yes
Event	2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Guilin, China Duration: 14 Aug 2013 → 16 Aug 2013

Publication series

Name	2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings

Conference

Conference	2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013
Country/Territory	China
City	Guilin
Period	14/08/13 → 16/08/13

Keywords

Cloud as a Service
Cloud Environment
False Alarm Reduction
Intrusion Detection
Network Performance

ASJC Scopus subject areas

Computer Networks and Communications

More information

10.1109/ChinaCom.2013.6694633

Cite this

Meng, Y., Li, W., & Kwok, L. F. (2013). Towards adaptive false alarm reduction using Cloud as a Service. In 2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings (pp. 420-425). Article 6694633 (2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings). https://doi.org/10.1109/ChinaCom.2013.6694633

@inproceedings{c1aa88ccbc97476790f453df4cbdae2d,

title = "Towards adaptive false alarm reduction using Cloud as a Service",

abstract = "False alarms are a challenging issue for an intrusion detection system (IDS), which can significantly decrease the effectiveness of detection and heavily increase the burden on analyzing true alarms. With the advent of cloud computing, it is a big chance to mitigate this problem in such a promising environment. In our previous work, we proposed to construct an intelligent false alarm filter by selecting an appropriate algorithm in an adaptive way, whereas the additional workload may be an issue for implementation. In this paper, we begin by presenting a Generic Cloud-based Intrusion Detection Architecture (GCIDA) and we then propose a cloud-based solution to improve the false alarm reduction and reduce the workload using Cloud as a Service (CaaS). In addition, we also describe the procedures and the interactions between the Cloud nodes and the Cloud providers. Experimental results indicate that CaaS can provide sufficient computing power and greatly reduce the workload of adaptive false alarm reduction.",

keywords = "Cloud as a Service, Cloud Environment, False Alarm Reduction, Intrusion Detection, Network Performance",

author = "Yuxin Meng and Wenjuan Li and Kwok, {Lam For}",

year = "2013",

doi = "10.1109/ChinaCom.2013.6694633",

language = "English",

isbn = "9781479914067",

series = "2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings",

pages = "420--425",

booktitle = "2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings",

note = "2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 ; Conference date: 14-08-2013 Through 16-08-2013",

}

Meng, Y, Li, W & Kwok, LF 2013, Towards adaptive false alarm reduction using Cloud as a Service. in 2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings., 6694633, 2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings, pp. 420-425, 2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013, Guilin, China, 14/08/13. https://doi.org/10.1109/ChinaCom.2013.6694633

Towards adaptive false alarm reduction using Cloud as a Service. / Meng, Yuxin; Li, Wenjuan; Kwok, Lam For.
2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings. 2013. p. 420-425 6694633 (2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings).

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

TY - GEN

T1 - Towards adaptive false alarm reduction using Cloud as a Service

AU - Meng, Yuxin

AU - Li, Wenjuan

AU - Kwok, Lam For

PY - 2013

Y1 - 2013

N2 - False alarms are a challenging issue for an intrusion detection system (IDS), which can significantly decrease the effectiveness of detection and heavily increase the burden on analyzing true alarms. With the advent of cloud computing, it is a big chance to mitigate this problem in such a promising environment. In our previous work, we proposed to construct an intelligent false alarm filter by selecting an appropriate algorithm in an adaptive way, whereas the additional workload may be an issue for implementation. In this paper, we begin by presenting a Generic Cloud-based Intrusion Detection Architecture (GCIDA) and we then propose a cloud-based solution to improve the false alarm reduction and reduce the workload using Cloud as a Service (CaaS). In addition, we also describe the procedures and the interactions between the Cloud nodes and the Cloud providers. Experimental results indicate that CaaS can provide sufficient computing power and greatly reduce the workload of adaptive false alarm reduction.

AB - False alarms are a challenging issue for an intrusion detection system (IDS), which can significantly decrease the effectiveness of detection and heavily increase the burden on analyzing true alarms. With the advent of cloud computing, it is a big chance to mitigate this problem in such a promising environment. In our previous work, we proposed to construct an intelligent false alarm filter by selecting an appropriate algorithm in an adaptive way, whereas the additional workload may be an issue for implementation. In this paper, we begin by presenting a Generic Cloud-based Intrusion Detection Architecture (GCIDA) and we then propose a cloud-based solution to improve the false alarm reduction and reduce the workload using Cloud as a Service (CaaS). In addition, we also describe the procedures and the interactions between the Cloud nodes and the Cloud providers. Experimental results indicate that CaaS can provide sufficient computing power and greatly reduce the workload of adaptive false alarm reduction.

KW - Cloud as a Service

KW - Cloud Environment

KW - False Alarm Reduction

KW - Intrusion Detection

KW - Network Performance

UR - http://www.scopus.com/inward/record.url?scp=84893623401&partnerID=8YFLogxK

U2 - 10.1109/ChinaCom.2013.6694633

DO - 10.1109/ChinaCom.2013.6694633

M3 - Conference article published in proceeding or book

AN - SCOPUS:84893623401

SN - 9781479914067

T3 - 2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings

SP - 420

EP - 425

BT - 2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings

T2 - 2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013

Y2 - 14 August 2013 through 16 August 2013

ER -

Meng Y, Li W, Kwok LF. Towards adaptive false alarm reduction using Cloud as a Service. In 2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings. 2013. p. 420-425. 6694633. (2013 8th International ICST Conference on Communications and Networking in China, CHINACOM 2013 - Proceedings). doi: 10.1109/ChinaCom.2013.6694633

Towards adaptive false alarm reduction using Cloud as a Service

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

More information

Other files and links

Fingerprint

Cite this